Smartphone Security Rules: India Proposes Mandatory Source Code Disclosure; Tech Giants Apple, Samsung and Others Express Concern
India smartphone security, smartphone source code rules India, MAIT India smartphone, India Telecom Security Assurance Requirements, smartphone malware scanning India, pre-installed apps removal India, Apple Samsung India security, India phone update rules, India smartphone cybersecurity, Indian smartphone market regulations
New Delhi, January 11: The Indian government has proposed a significant overhaul of smartphone security regulations to strengthen user protection in the country, which is home to nearly 750 million smartphones. The draft rules are part of 83 security requirements aimed at mitigating digital fraud, data breaches, and potential cyber espionage in India’s rapidly growing mobile market.
Smartphone Source Code Disclosure Requirements in India
Under the proposed Telecom Security Assurance Requirements, smartphone makers would be required to provide proprietary source code to government-designated laboratories for analysis and testing. This would allow authorities to identify potential vulnerabilities in phone operating systems that could be exploited by attackers. The rules would also require software modifications, including the ability for users to uninstall pre-installed apps and restrictions preventing apps from accessing cameras, microphones, or location services in the background when devices are inactive. How To Protect Your Phone From Hackers? Learn Best Ways To Prevent Mobile Malware Attacks Leading to Financial Losses and Data Leaks.
Industry Response and Opposition from Major Tech Firms
Major smartphone manufacturers, including Apple, Samsung, Google, and Xiaomi, along with the Manufacturers’ Association for Information Technology (MAIT), have expressed strong opposition to the proposed rules. Industry representatives have argued that mandatory source code disclosure is not globally precedent and could compromise corporate secrecy and intellectual property. They also highlighted technical challenges, including the storage of 12 months of on-device logs, the battery drain caused by continuous malware scanning, and the impracticality of notifying the government for major software updates that must be deployed quickly to protect users.
Key Security Mandates for Smartphones in India
The draft regulations include several highly specific requirements: devices must store security audit logs, including app installations and login attempts, for 12 months; phones must periodically scan for malware and potentially harmful apps; all pre-installed apps, except those essential for basic functions, must be deletable; major software updates and security patches must be reported to a government organisation before release; phones must detect tampering such as rooting or jailbreaking and display continuous warnings; and anti-rollback protections must block installation of older software versions. Industry sources have noted that many of these measures lack a global standard or reliable implementation methods.
Government Consultation and Implementation Timeline
IT Secretary S. Krishnan stated that “any legitimate concerns of the industry will be addressed with an open mind,” adding that it is “premature to read more into it.” A Ministry spokesperson said it could not comment further due to ongoing consultations with tech companies on the proposals. The IT Ministry and tech executives are scheduled to meet on January 13, 2026, for further discussions. New Android Malware Alert! FvncBot, SeedSnatcher and Upgraded ClayRat Can Hack Your Mobile Phone and Steal Banking Data; Here’s How To Protect Your Device.
Global Context and Market Impact
Companies including Apple, Samsung, Google, and Xiaomi, which hold 5%, 15%, and 19% of India’s smartphone market respectively, have expressed that these rules could create operational difficulties, raise costs, and delay software updates. MAIT has formally requested that the government reconsider or drop some of the proposals, citing impracticality and lack of global precedent. The draft rules follow previous government efforts to mandate cybersecurity measures, including the now-revoked order requiring a state-run cyber safety app on phones.
(The above story first appeared on LatestLY on Jan 11, 2026 05:13 PM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).